Email this Article Email   

CHIPS Articles: Insider Threat to Cyber Security Random Counterintelligence Polygraph Program

Insider Threat to Cyber Security Random Counterintelligence Polygraph Program
By Office of the Deputy Chief of Naval Operations for Information Warfare (OPNAV N2N6) - January-March 2016
Vice Admiral Ted N. Branch, Deputy Chief of Naval Operations for Information Warfare (OPNAV N2N6) announces a new Navy-specific Random Counterintelligence Polygraph Program for privileged users and higher-risk personnel. This program is designed to mitigate and deter the potential insider threat to classified information, systems, and networks.

The Navy’s legal authority for this program is defined in the U.S. code, armed forces, general military law, and counterintelligence polygraph program; the Department of Defense directive on the DoD polygraph program; and the DoD instruction on polygraph and credibility assessment procedures.

Vice Adm. Branch announced the program in NAVADMIN 015/16 in January.

The Secretary of the Navy, Department of the Navy information assurance program manual defines privileged users as individuals who have access to system control, monitoring, or administration functions (e.g., system administrator, information assurance officer, system programmers, etc.).

The National Insider Threat Policy defines insider threat as a person who will use her/his authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the U.S. through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of departmental resources or capabilities.

The following privileged users are subject to the Navy’s Random Counterintelligence Polygraph Program:

  1. Those whose duties involve access to Top Secret information.
  2. Those whose duties involve a Special Access Program under Executive Order 12958, as amended.
  3. Those whose duties involve the creation, use, or handling of classified information related to sensitive intelligence or operational activities.

According to Vice Adm. Branch, recent high-profile unauthorized disclosures of classified information involving U.S. service members, civilians, and contractors highlight the need to implement this Random Counterintelligence Polygraph Program.

The Random Counterintelligence Polygraph Program for privileged users is an additional tool to mitigate and deter the insider threat posed by higher-risk individuals who have elevated access and privileges to classified information, networks, and systems. Insider threats directly imperil our warfighting effectiveness and degrade our readiness.

Vice Adm. Branch wrote: This is an all-hands effort. Commanders are to ensure compliance with the Navy’s Random Counterintelligence Polygraph Program for privileged users.

The Deputy Chief of Naval Operations for Information Warfare (OPNAV N2N6) will publish additional guidance regarding the implementation and execution of this program, according to Vice Adm. Branch.

The Insider Threat to Cyber Security (ITCS/OPNAV N2N6 IP2) office is charged with coordinating the Navy’s Random Counterintelligence Polygraph Program for privileged users. OPNAV (N2N6 IP) will manage, oversee and coordinate the activities of the Random Counterintelligence Polygraph Program to include selection, notification, scheduling, and reporting of results to the appropriate authority.

ITCS will work closely with the Judge Advocate General of the Navy to ensure the program complies with applicable statutes, regulations, and directives. The Naval Criminal Investigative Service will conduct the Random Counterintelligence Polygraph Examinations in accordance with the Defense Department directive on the polygraph program.

OPNAV N2N6 IP2 will select privileged users from the Total Workforce Management System (TWMS) Information Assurance Workforce Module. TWMS is the system of record for documenting privileged users. OPNAV N2N6 IP will select higher-risk individuals in coordination and collaboration with Navy commands based on a risk management approach. OPNAV N2N6 is highly encouraging all Commands to update TWMS to reflect current privileged users.

Privileged users and higher-risk individuals will be entered into a software program that will generate a monthly list of randomly selected individuals for counterintelligence polygraph examinations.

OPNAV N2N6 IP2 will provide the randomly generated list of individuals to the Naval Criminal Investigative Service (NCIS) Office of Polygraph Services.

NCIS will contact each privileged user or higher-risk individuals Special Security Officer (SSO) or Command Security Manager (CSM) to inform them of the polygraph requirement and coordinate scheduling. NCIS will conduct counterintelligence polygraph examinations in accordance with the DoD instruction on polygraph and credibility assessment procedures.

OPNAV N2N6 will notify commands of all counterintelligence polygraph examination results and take appropriate action based on the findings.

NAVADMIN 319/13 outlined several actions designed to reduce threats to classified or sensitive information from insiders. Effectively implementing the Random Counterintelligence Polygraph Program will reduce the risk from insider threats.

Vice Adm. Branch wrote, The Director, Navy Staff serves as the overall OPNAV lead for Navy Insider Threat. OPNAV N2N6 continues to lead a focused effort to ensure the security of our classified and sensitive information, networks, and systems.

For more information on the Navy’s Random Counterintelligence Polygraph Program for privileged users, please contact Mrs. Jennifer Floyd, OPNAV N2N6, (703) 604-5799; or Ms. Angie O’Neal, OPNAV N2N6, (703) 604-5743. DSN: 664.

Download NAVADMIN 015/16 – (Corrected Copy), Insider Threat To Cyber Security Random Counterintelligence Polygraph Program.

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer